
Re: Compatibility with IDNA






--On Wednesday, 12 February, 2003 02:30 +0000 "Adam M. Costello" <ietf-imaa.amc+0@xxxxxxxxxxxxxxxxxxxxxxxxxxx> wrote:


The real question is how to deal with the minimum quoting
required by RFC 2821.  Is that considered part of the email
address?  For example, how is that quoting handled if such an
email address is included as a DNS label?  Do MTAs match the
email address ``"joe user"@example.com'' against the login
name ``joe user'' or against ``"joe user"''?

I was wondering the same thing myself this morning. You can also ask the question in the other direction. If I find

"foo".example.org.

in an SOA record, and I want to send mail there, do I need to
compose the To: field like this:

"\"foo\""@example.org

Adam,


The "only the receiving MTA gets to mess with the local-part" rule has been historically interpreted _very_ strictly and bad things have happened when it isn't. The general intent is that

''joe user'' and ''"joe user"''
be treated as equal and that
''foo'' and ''\"foo\"''
be equivalent as well, although, in the ''\"foo\"'' case, the minimal quoting rule is violated.


However, the specifications very carefully avoid the assumption that a mailbox name bears any relationship to a login name. Some users, systems, and administrators find that relationship convenient. At the other extreme, some believe that having a mailbox name match the user name is an unnecessary and undesirable disclosure of information that puts important information into the hands of potential crackers and they simply won't permit it. So one answer would be that the question "which form matches the user name" is irrelevant; the only important question is "which form the receiving/delivery MTA will interpret as matching the internal mailbox (or maildrop) name".

There is a second principle, which is that mailbox names, unlike most traditional DNS strings, get really close to user command-level interfaces. And command interfaces have a history of mucking up quoting conventions in a big way. Different operating systems foul up things in different ways, just to make things interesting. People who write code for the Internet email environment have discovered, after years and years of abuse of the system, a need to get really conservative about anything they actually want to have delivered. Smart email administrators tend to avoid configuring "joe user" as a mailbox name, or make sure that "joe.user", or something else that doesn't require quoting, is supported as a recommended alias. Similarly, despite the fact that the SOA record mailbox form

joe\.user.some.domain

is perfectly well defined as equivalent to joe.user@xxxxxxxxxxx, folks who are more interested in making sure that the domain admin mailbox can be contacted than they are in demonstrating how much they know about the DNS usually set up names or aliases to avoid having to deal with periods in the local part. And receiving/delivery MTAs (or the associated alias mechanisms) written by people with a strong "the mail must go through if I can possibly figure out what was intended" mentality are usually configured so that

   joe user
   "joe user"
   joe\ user
   "joe\ user"
and even
   'joe user'
and maybe even
   'joe user"
   """"joe user"   and
   "\"joe user"

and all of their case variants, end up pointing to the same maildrop. That is either the robustness principle carried to one of its extremes or just good sense. But nothing requires that all of those cases be treated the same, any more than anything requires case-matching. Consequently, a sending/originating MUA that makes strong assumptions about how the delivery MTA is going to interpret local-parts will, at best, violate the protocols and periodically end up with undeliverable mail or, at worst, do fairly severe violence to the email environment.

john
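
An added illustration, not part of the original message: a sketch of how a receiving-side alias lookup might reduce the quoted and backslash-escaped local-part forms listed above to one mailbox string, and how the SOA mailbox form expands to an address. The function names are hypothetical, backslash escapes outside quotes are accepted as a leniency assumption, and case is left untouched.

```python
import re

# Atom characters: a local-part made only of dot-separated atoms needs no quoting.
_ATEXT = r"[A-Za-z0-9!#$%&'*+/=?^_`{|}~-]+"
_DOT_ATOM = re.compile(rf"{_ATEXT}(?:\.{_ATEXT})*\Z")
# Body of a local-part: backslash pairs, or any character except a bare quote or backslash.
_BODY = re.compile(r'(?:\\.|[^"\\])*\Z', re.S)


def unquote_local_part(local):
    """Return the mailbox content a local-part denotes (outer quotes and escapes removed)."""
    quoted = len(local) >= 2 and local[0] == local[-1] == '"'
    body = local[1:-1] if quoted else local
    if not _BODY.match(body):
        # e.g. "joe user\" : the closing quote is escaped, so the string never ends
        raise ValueError("unbalanced quote or dangling backslash: %r" % local)
    return re.sub(r"\\(.)", r"\1", body, flags=re.S)


def minimal_quote(content):
    """Re-emit mailbox content with the least quoting that is needed."""
    if _DOT_ATOM.match(content):
        return content
    return '"' + re.sub(r'(["\\])', r"\\\1", content) + '"'


def soa_rname_to_mailbox(rname):
    """Expand an SOA mailbox name: the first unescaped dot separates local-part and domain."""
    m = re.match(r"((?:\\.|[^.\\])+)\.(.+?)\.?\Z", rname)
    if not m:
        raise ValueError("no unescaped dot in %r" % rname)
    local = re.sub(r"\\(.)", r"\1", m.group(1))
    return minimal_quote(local) + "@" + m.group(2)


if __name__ == "__main__":
    # Constructed sample inputs taken from the forms discussed in the message.
    for form in ['"joe user"', "joe\\ user", '"joe\\ user"']:
        print(form, "->", repr(unquote_local_part(form)))
    print(soa_rname_to_mailbox("joe\\.user.some.domain"))
```

This normalization belongs only on the receiving side, where the local-part is interpreted; a sender applying it would be making exactly the assumptions the message warns against.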